PDB path: G:\Projects\uninstall-tool\Ready\UninstallTool-x86.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2025-01-10_27b174d459f5e299430420d125375d68_bkransomware_floxif.exe
Resource
win7-20240903-en
General
Target
2025-01-10_27b174d459f5e299430420d125375d68_bkransomware_floxif
Size
4.0MB
MD5
27b174d459f5e299430420d125375d68
SHA1
5c8ddccb23029f657658970d61b96faee5da765e
SHA256
009ba04ee1d2115a92c304ad86d842db9efd328eda6e867709bbf5d6aca4b7fb
SHA512
58e5d8e2e13ddf60bdc9a081e0ebd17800a8fb43d90323e0b08df805028dfbbee2216dae1f7167bad0bfd880eca89e766bd237df81f8dc401c7555b52bf59b92
SSDEEP
98304:s4LBDHFyGeA+97aCo26vxkp3eMnSyo93S:nVZyGuICaO0yo93S
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2025-01-10_27b174d459f5e299430420d125375d68_bkransomware_floxif
Files
2025-01-10_27b174d459f5e299430420d125375d68_bkransomware_floxif.exe windows:5 windows x86 arch:x86
fc12254045aea03036a8a79c88c41b58
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shlwapi
UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathMatchSpecW
PathStripPathW
SHStrDupW
StrFormatByteSizeW
PathCompactPathW
ord487
PathParseIconLocationW
PathGetArgsW
PathUnquoteSpacesW
PathRemoveArgsW
PathIsRelativeW
PathIsDirectoryW
PathRemoveFileSpecW
PathFileExistsW
PathAddBackslashW
SHDeleteKeyW
kernel32
GlobalFlags
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetFileAttributesW
SetErrorMode
FindResourceExW
RtlUnwind
CreateThread
ExitThread
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleExW
AreFileApisANSI
SetStdHandle
GetFileType
HeapQueryInformation
VirtualQuery
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetCPInfo
IsValidCodePage
GetOEMCP
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetTimeZoneInformation
GetConsoleMode
ReadConsoleW
GetConsoleCP
WriteConsoleW
GetDriveTypeW
SetEnvironmentVariableA
CreateFileW
CloseHandle
SetLastError
DeviceIoControl
SetEvent
ResetEvent
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
WaitForSingleObject
CreateEventW
TerminateThread
WaitForMultipleObjects
GetModuleHandleW
TlsAlloc
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GetThreadLocale
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
SuspendThread
SetThreadPriority
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
EncodePointer
GlobalFree
GetModuleHandleA
GetACP
lstrlenA
ExitProcess
LocalUnlock
FormatMessageA
EnumResourceLanguagesW
EnumResourceNamesW
EnumResourceTypesW
GetPrivateProfileSectionNamesW
CreateDirectoryW
InterlockedDecrement
InterlockedIncrement
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
WideCharToMultiByte
VerSetConditionMask
GetCurrentProcess
VerifyVersionInfoW
GetUserDefaultUILanguage
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCurrentThreadId
MulDiv
GetLastError
TerminateProcess
OpenProcess
lstrlenW
FileTimeToLocalFileTime
GetFileSize
ReadFile
GetSystemTime
GetSystemTimeAsFileTime
GetProcAddress
FileTimeToDosDateTime
GetExitCodeProcess
CreateProcessW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FreeLibrary
LoadLibraryA
lstrcpynW
GetCurrentDirectoryW
Sleep
GetLocalTime
GetModuleFileNameW
lstrcatW
DeleteFileW
GetComputerNameW
SearchPathW
lstrcmpW
DecodePointer
RaiseException
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionAndSpinCount
WinExec
GetTickCount
WriteFile
GetExitCodeThread
GetLongPathNameW
SetFilePointer
LocalLock
GetVersionExW
ExpandEnvironmentStringsW
VirtualProtect
GetNativeSystemInfo
GetVersion
FileTimeToSystemTime
ResumeThread
lstrcmpiW
GetFileAttributesExW
GetFileTime
SystemTimeToFileTime
MoveFileExW
IsBadReadPtr
IsBadWritePtr
RemoveDirectoryW
SetFileAttributesW
LoadLibraryW
LocalAlloc
LocalFree
FormatMessageW
GetCurrentProcessId
SetUnhandledExceptionFilter
CreateWaitableTimerW
VirtualUnlock
VirtualLock
VirtualFree
VirtualAlloc
GetSystemInfo
SignalObjectAndWait
CancelWaitableTimer
SetWaitableTimer
WaitForMultipleObjectsEx
OutputDebugStringW
OutputDebugStringA
WriteFileEx
SetFilePointerEx
GetFileSizeEx
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetProcessTimes
CompareFileTime
GlobalUnlock
GlobalLock
GlobalAlloc
GetTempPathW
QueryDosDeviceW
GetTempFileNameW
GetLogicalDriveStringsW
FindNextFileW
FindFirstFileW
FindClose
lstrcpyW
GetWindowsDirectoryW
OpenEventW
OpenMutexW
CreateMutexW
GetCommandLineW
user32
PostThreadMessageW
RegisterClipboardFormatW
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
ReleaseCapture
SetCapture
IsIconic
RealChildWindowFromPoint
GetSysColorBrush
MapDialogRect
SetWindowContextHelpId
CharUpperW
GetMenuItemInfoW
DestroyMenu
MapVirtualKeyW
GetKeyNameTextW
IntersectRect
SendMessageW
EnableWindow
DestroyIcon
IsWindowVisible
CharNextW
GetWindowDC
ShowOwnedPopups
LoadMenuW
GetNextDlgTabItem
EndDialog
IsWindowEnabled
SetDlgItemTextW
GetMonitorInfoW
MonitorFromWindow
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetTopWindow
GetClassLongW
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
GetScrollRange
SetScrollRange
ValidateRect
SetActiveWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsChild
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
InflateRect
SetClassLongW
GetActiveWindow
GetWindowTextW
SystemParametersInfoW
SetMenuDefaultItem
GetForegroundWindow
SetRectEmpty
IsRectEmpty
EqualRect
DefWindowProcW
MessageBoxW
GetDesktopWindow
EnumWindows
GetDC
ReleaseDC
RegisterWindowMessageW
PostMessageW
IsWindow
GetFocus
GetKeyState
DrawTextW
InvalidateRect
GetClientRect
SetCursor
GetCursorPos
ScreenToClient
GetSysColor
SetRect
OffsetRect
PtInRect
GetParent
LoadCursorW
LoadImageW
DrawIconEx
GetIconInfo
GetSystemMetrics
GetWindowRect
SendMessageTimeoutW
GetWindowThreadProcessId
MessageBoxA
DrawFrameControl
SendDlgItemMessageA
WindowFromPoint
ShowScrollBar
GetUpdateRect
WinHelpW
IsDialogMessageW
GetLastActivePopup
MessageBeep
EndPaint
BeginPaint
DrawIcon
EnableMenuItem
GetSystemMenu
GetAsyncKeyState
GetDialogBaseUnits
CheckDlgButton
CreateDialogIndirectParamW
DestroyWindow
PostQuitMessage
WaitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
CreateIconIndirect
LoadStringW
SetLayeredWindowAttributes
CreateWindowExW
RegisterClassExW
ExitWindowsEx
GetMessageW
SetWindowLongW
GetWindowLongW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
AttachThreadInput
CharLowerBuffW
CharLowerBuffA
EnumDisplaySettingsW
FindWindowExW
FindWindowW
SetFocus
ShowWindow
WaitForInputIdle
GetMessagePos
CreatePopupMenu
GetClassInfoW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
DrawStateW
GetWindow
RedrawWindow
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateMDISysAccel
DefFrameProcW
DrawMenuBar
GetTabbedTextExtentA
SetWindowLongA
GetWindowLongA
IsWindowUnicode
SetCursorPos
GetDoubleClickTime
DrawEdge
LookupIconIdFromDirectoryEx
UnionRect
ShowCaret
HideCaret
GetWindowRgn
IsMenu
GetCursor
IsClipboardFormatAvailable
IsZoomed
MapVirtualKeyExW
GetKeyboardState
IsCharLowerW
GetKeyboardLayout
GetKeyboardLayoutList
ToUnicodeEx
SetWindowRgn
AppendMenuW
DrawFocusRect
SetWindowPlacement
GetWindowPlacement
MoveWindow
FillRect
MapWindowPoints
SetWindowTextW
GetDlgItem
CharLowerW
LoadIconW
DeleteMenu
GetMenuItemCount
SetWindowPos
CopyIcon
GetClassNameW
KillTimer
SetTimer
SetForegroundWindow
GetMenuDefaultItem
TrackPopupMenu
UnregisterClassW
ClientToScreen
InsertMenuW
TabbedTextOutW
GrayStringW
DrawTextExW
CreateIconFromResourceEx
GetDCEx
LockWindowUpdate
InvertRect
wsprintfW
SetParent
CopyRect
gdi32
RestoreDC
PatBlt
GetDIBits
GetClipBox
CreateRectRgnIndirect
GetBitmapBits
CreateDIBSection
DeleteDC
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetBkColor
Escape
BitBlt
RoundRect
Rectangle
GetTextExtentPoint32W
GetStockObject
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
SelectObject
DeleteObject
CreateSolidBrush
GetDeviceCaps
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
RealizePalette
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsW
GetRgnBox
EnumFontFamiliesExW
SaveDC
ExtSelectClipRgn
SetBkColor
SetBkMode
SetDIBitsToDevice
StretchBlt
StretchDIBits
SetStretchBltMode
SetTextColor
CreateDCW
CombineRgn
CreateRectRgn
CreateRoundRectRgn
GetPixel
CreatePatternBrush
ExcludeClipRect
GetClipRgn
GetCurrentPositionEx
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
SelectClipRgn
SetMapMode
SetTextAlign
SetPixel
Polygon
GetCurrentObject
ExtCreateRegion
PtInRegion
GetViewportOrgEx
CreateFontW
Polyline
Ellipse
GetCharWidthW
GetTextAlign
GetTextExtentPoint32A
BeginPath
CloseFigure
EndPath
FillPath
StrokeAndFillPath
StrokePath
CreatePolygonRgn
GetWindowOrgEx
SetPixelV
FillRgn
FrameRgn
MoveToEx
GetTextColor
CreateBitmap
PolyBezierTo
msimg32
AlphaBlend
GradientFill
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegOpenKeyExW
RegCreateKeyW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegQueryInfoKeyW
CloseServiceHandle
RegQueryValueW
RegEnumKeyW
RegEnumValueW
ConvertSidToStringSidW
LookupPrivilegeValueW
IsValidSid
GetTokenInformation
RegCloseKey
AdjustTokenPrivileges
OpenProcessToken
RegEnumKeyExW
RegDeleteKeyW
StartServiceW
QueryServiceStatus
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
EnumServicesStatusExW
ControlService
shell32
SHChangeNotify
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHGetPathFromIDListW
ShellExecuteExW
ShellExecuteW
DragQueryFileW
DragAcceptFiles
ExtractIconExW
SHGetFileInfoW
CommandLineToArgvW
DragFinish
Shell_NotifyIconW
SHGetMalloc
SHGetSpecialFolderLocation
SHAppBarMessage
comctl32
ImageList_Draw
ImageList_AddMasked
_TrackMouseEvent
ImageList_Destroy
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_GetImageCount
ImageList_Add
ImageList_DrawEx
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_GetIconSize
uxtheme
DrawThemeParentBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
ole32
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoRegisterMessageFilter
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
CoInitialize
CoCreateGuid
CoTaskMemAlloc
CoInitializeSecurity
CoTaskMemFree
PropVariantClear
CoCreateInstance
CoInitializeEx
CoUninitialize
oleaut32
OleLoadPicturePath
VariantChangeTypeEx
VarUdateFromDate
VarBstrFromDate
SysAllocString
SysAllocStringLen
SysFreeString
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayCreateVector
VariantInit
VariantClear
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantCopy
VariantChangeType
OleCreateFontIndirect
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayGetDim
SafeArrayGetElemsize
VarDateFromStr
SafeArrayAccessData
oledlg
OleUIBusyW
OleUIAddVerbMenuW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
psapi
GetModuleFileNameExW
oleacc
CreateStdAccessibleObject
LresultFromObject
wininet
InternetSetStatusCallbackW
InternetSetOptionExW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetGetLastResponseInfoW
winmm
PlaySoundW
Exports
_EXECryptor_AntiDebug@0
_EXECryptor_DecodeSerialNumber@16
_EXECryptor_DecodeSerialNumberW@16
_EXECryptor_DecryptStr@8
_EXECryptor_DecryptStrW@8
_EXECryptor_EncryptStr@8
_EXECryptor_EncryptStrW@8
_EXECryptor_GetDate@0
_EXECryptor_GetEXECryptorVersion@0
_EXECryptor_GetHardwareID@0
_EXECryptor_GetProcAddr@8
_EXECryptor_GetReleaseDate@0
_EXECryptor_GetTrialDaysLeft@4
_EXECryptor_GetTrialRunsLeft@4
_EXECryptor_IsAppProtected@0
_EXECryptor_IsRegistered@0
_EXECryptor_MessageBoxA@16
_EXECryptor_ProtectImport@0
_EXECryptor_RegConst_0@0
_EXECryptor_RegConst_1@0
_EXECryptor_RegConst_2@0
_EXECryptor_RegConst_3@0
_EXECryptor_RegConst_4@0
_EXECryptor_RegConst_5@0
_EXECryptor_RegConst_6@0
_EXECryptor_RegConst_7@0
_EXECryptor_SecureRead@8
_EXECryptor_SecureReadW@8
_EXECryptor_SecureWrite@8
_EXECryptor_SecureWriteW@8
_EXECryptor_VerifySerialNumber@16
_EXECryptor_VerifySerialNumberW@16
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 616KB - Virtual size: 616KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ